package com.crm.jpaandthymeleaf.web.controller.api;

import com.crm.jpaandthymeleaf.entity.SysRight;
import com.crm.jpaandthymeleaf.entity.SysRole;
import com.crm.jpaandthymeleaf.entity.SysUser;
import com.crm.jpaandthymeleaf.service.ISysRightService;
import com.crm.jpaandthymeleaf.service.ISysRoleService;
import com.crm.jpaandthymeleaf.service.ISysUserService;
import com.crm.jpaandthymeleaf.service.LockLoginService;
import com.crm.jpaandthymeleaf.utils.SysConstants;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;
import javax.servlet.http.HttpSession;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * @author 周敬
 * @version 1.0
 * @packageName com.crm.jpaandthymeleaf.web.controller.api
 * @fileName AxiosLoginController
 * @createTime 2022/2/10-16:14-星期四
 * @lastModify 2022/2/10-16:14-星期四
 */
@RestController
@RequestMapping("/api")
public class AxiosLoginController {
    @Resource
    private ISysUserService userService;
    @Resource
    private HttpSession session;
    @Autowired
    private LockLoginService lockLoginService;
    @Autowired
    private ISysRoleService sysRoleService;
    @Autowired
    private ISysRightService sysRightService;

    @GetMapping("/login")
    public String toLong(){
        return "/login";
    }

    @GetMapping("/index")
    public String toIndex(){
        return "/index";
    }


    @PostMapping("/doLogin")
    public Map doLogin(@RequestBody SysUser loginUser){
        Map result = new HashMap();
        try {
            UsernamePasswordToken token = new UsernamePasswordToken(loginUser.getUsrName(),loginUser.getUsrPassword());
            Subject subject = SecurityUtils.getSubject();
            //认证/登录
            subject.login(token);
            //认证（登录）成功
            SysUser user = (SysUser) subject.getPrincipal();
            //获取权限
            //TODO 获取权限
            SysRole role = user.getRole();
            List<SysRight> rights = sysRightService.findSysRightByRole(role);
            role.getRights().addAll(rights);
            //清除登录记录次数
            lockLoginService.clean(loginUser.getUsrName());
            session.setAttribute(SysConstants.SESSION_SYS_USER,user);
            result.put("user",user.getUsrName());
            result.put("role",user.getRole());
            result.put("rights",rights);
            result.put("code",0);
            return result;
        } catch (UnknownAccountException | IncorrectCredentialsException e) {
            result.put("msg","用户名或密码错误，登录错误！");
        }catch (LockedAccountException e){
            result.put("msg","用户被禁用，登录失败！");
        }catch (AuthenticationException e){
            result.put("msg","认证异常，登录认证！");
        }
        result.put("code",1);
        return result;
    }

//    @GetMapping("/logout")
//    public String toLogOut(){
//        session.removeAttribute(SysConstants.SESSION_SYS_USER);
//        //shiro注销
//        SecurityUtils.getSubject().logout();
//        return "redirect:/login";
//    }

    @GetMapping("/403")
    public String unauthorized(){
        return "/403";
    }
}
